Jekyll on iOS: High-tech Trojans entered Apple's App Store.



At the prestigious Usenix conference, a research team presented techniques with which they could outsmart Apple's precautions against Trojans. They smuggled a seemingly harmless app into Apple's App Store, which only later revealed its true face, and "Jekyll on iOS" became reality.




There are two obstacles that prevent the smuggling of malware into the App Store. The first is that every app, prior to inclusion in the App Store, is subjected to tests that are not documented anywhere by Apple. The second is that, unlike on Google's Android, an iOS device only executes code from apps that bear a digital signature from the operating system vendor (Apple).

Rather than skipping these hurdles, the researchers overcame them. They submitted a small program to Apple that presented itself at startup as a harmless news app and at that time had no hidden additional functions. However, the researchers had deliberately built vulnerabilities into the app that can be exploited remotely. After starting, the app contacts the developers' server, which is normal, but with specially crafted commands they were able to remotely exploit these vulnerabilities and thus take control of the program flow.

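Using a code rearrangement technique called "Return Oriented Programming", the researchers were able to rearrange the app's existing code fragments and assemble them into its spying capabilities. Because those fragments are part of the app that was already reviewed and signed, no unsigned code has to run.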

In principle, these are the same techniques that an iOS jailbreaker uses to get his code executed on an iOS device. The paper "Jekyll on iOS: When Benign Apps Become Evil" contains fascinating details of all the technology used, with which they were able to bypass the security restrictions imposed by Apple.

The Trojan can send e-mails, text messages and tweets, read information from the device and control the camera. The real purpose of the exercise was not to construct a super-Trojan, but to show that Apple's iOS security concept can be cracked.